<?php
namespace Home\Controller;
use Think\Controller;
use Org\Util\Rbac;

class PublicController extends Controller{
	function login(){ 
		$this->display();
	}
	
	function do_login(){
		$dat = I('post.');   
		$keystr = $dat['uname'];
		$where = ' username="'.$keystr.'" or phone="'.$keystr.'" '; 
		$user = M('RbacManager')->where($where)->find();
		if(empty($user)){
			$this->error('账号不存在',U('/Public/login'));
		}
		if(1!=$user['status']){
			$this->error('账号已被禁用',U('/Public/login'));
		}
		if(MD5($dat['upass'])!=$user['password']){
			$this->error('密码错误',U('/Public/login'));
		} 
		session('LG_USER',$user);
		if($user['username'] == C('ADMIN_AUTH_KEY')){
	    	session(C('ADMIN_AUTH_KEY'),$user['username']);
			$this->success('登陆成功',U('/Index/index'));
	    }else{
	    	Rbac::saveAccessList($user['id']);
			$this->success('登陆成功',U('/Index/index'));
	    } 
	}
	
	
	function logout(){
        session_unset();
		session_destroy();
        $url = U('/Public/login');
        echo "<script type='text/javascript'>window.top.location.href = '".$url."';</script>";
	}
	
}